Cisco Firepower Management Center 4000 Developer's Guide
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
Chapter 2: Understanding the eStreamer Application Protocol
Event Stream Request Message Format
eStreamer clients use the Event Stream Request message to start a streaming
session. The request message includes a start time and a bit flag field to specify
the data the eStreamer service should include, which can be any combination of
events, as well as intrusion event extra data and metadata. The Event Stream
Request message can initiate both event stream requests and extended
requests. The message type is 2.
You must submit an Event Stream Request message for all data requests,
including a request exclusively for host profile information. In such a case, you
first submit an Event Stream Request message, then a Host Request message
(type 5) to specify the host data.
The following graphic illustrates the Event Stream Request message format. The
message uses the standard header. The shaded fields are specific to the request
message and are described in the following table.
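Byte | 0           | 1           | 2           | 3           |
Bit  | 0-7         | 8-15        | 16-23       | 24-31       |
     +-------------+-------------+-------------+-------------+
     | Header Version (1)        | Message Type (2)          |
     +---------------------------+---------------------------+
     | Message Length                                        |
     +-------------------------------------------------------+
     | Initial Timestamp                                     |
     +-------------------------------------------------------+
     | Request Flags                                         |
     +-------------------------------------------------------+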
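The message layout above, as an added Python example that is not code from the guide or from Cisco: it serializes an Event Stream Request and strictly parses one, rejecting truncated or mislabeled messages. It assumes big-endian fields with a 16-bit header version and message type and 32-bit length, timestamp and flags, and that Message Length counts only the 8 bytes after the header; the function names and sample values are constructed for illustration.

```python
import struct

# Assumed layout: two 16-bit header fields, then three 32-bit fields,
# all in network (big-endian) byte order.
HEADER = struct.Struct(">HHI")   # header version, message type, message length
BODY = struct.Struct(">II")      # initial timestamp, request flags
HEADER_VERSION = 1
EVENT_STREAM_REQUEST = 2


def build_event_stream_request(initial_timestamp: int, request_flags: int) -> bytes:
    """Serialize an Event Stream Request (message type 2)."""
    for name, value in (("initial_timestamp", initial_timestamp),
                        ("request_flags", request_flags)):
        if not 0 <= value <= 0xFFFFFFFF:
            raise ValueError(f"{name} does not fit in 32 bits")
    # Assumption: Message Length counts only the bytes that follow the header.
    header = HEADER.pack(HEADER_VERSION, EVENT_STREAM_REQUEST, BODY.size)
    return header + BODY.pack(initial_timestamp, request_flags)


def parse_event_stream_request(data: bytes) -> dict:
    """Parse and validate a request; raise ValueError on malformed input."""
    if len(data) < HEADER.size:
        raise ValueError("truncated header")
    version, msg_type, length = HEADER.unpack_from(data)
    if version != HEADER_VERSION:
        raise ValueError(f"unexpected header version {version}")
    if msg_type != EVENT_STREAM_REQUEST:
        raise ValueError(f"unexpected message type {msg_type}")
    if length != BODY.size or len(data) != HEADER.size + length:
        raise ValueError("message length does not match payload")
    timestamp, flags = BODY.unpack_from(data, HEADER.size)
    # Flag meanings live in the guide's table; only report which bits are set,
    # counted here from the least significant bit (an assumption).
    set_bits = [bit for bit in range(32) if (flags >> bit) & 1]
    return {"initial_timestamp": timestamp,
            "request_flags": flags,
            "set_bits": set_bits}


if __name__ == "__main__":
    # Constructed sample values: an arbitrary start time and two flag bits.
    message = build_event_stream_request(1400000000, 0b101)
    print(message.hex(), parse_event_stream_request(message))
```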